Deserialization in Seppmail Ag Secure Email Gateway
CVE-2026-44126
SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which can be reached from the new GINA UI and may allow unauthenticated remote attackers to execute code via a crafted serialized object.
Vulnerability class: Insecure Deserialization
EPSS: 0.005 (67.3th percentile) — read the EPSS interpretation.
Affected products
- Seppmail Ag Secure Email Gateway — versions 0